Search Results (602 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1029 2 Freebsd, Openbsd 2 Freebsd, Openssh 2026-04-16 N/A
libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files.
CVE-2005-2359 1 Freebsd 1 Freebsd 2026-04-16 N/A
The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session.
CVE-2002-0795 1 Freebsd 1 Freebsd 2026-04-16 N/A
The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files.
CVE-2002-0794 1 Freebsd 1 Freebsd 2026-04-16 N/A
The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue.
CVE-1999-0796 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks.
CVE-1999-0022 6 Bsdi, Freebsd, Hp and 3 more 7 Bsd Os, Freebsd, Hp-ux and 4 more 2026-04-16 7.8 High
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
CVE-1999-1572 5 Debian, Freebsd, Mandrakesoft and 2 more 6 Debian Linux, Freebsd, Mandrake Linux and 3 more 2026-04-16 N/A
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.
CVE-1999-0782 3 Freebsd, Kde, Linux 3 Freebsd, Kde, Linux Kernel 2026-04-16 N/A
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
CVE-2001-1017 1 Freebsd 1 Freebsd 2026-04-16 N/A
rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords.
CVE-2002-0574 1 Freebsd 1 Freebsd 2026-04-16 N/A
Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed.
CVE-2001-0969 1 Freebsd 1 Freebsd 2026-04-16 N/A
ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts.
CVE-1999-1313 1 Freebsd 1 Freebsd 2026-04-16 N/A
Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands.
CVE-1999-0821 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument.
CVE-2005-2068 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session.
CVE-2002-0824 1 Freebsd 1 Point-to-point Protocol Daemon 2026-04-16 N/A
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.
CVE-2001-1166 1 Freebsd 1 Freebsd 2026-04-16 N/A
linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process.
CVE-2002-0829 1 Freebsd 1 Freebsd 2026-04-16 N/A
Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system.
CVE-1999-0783 1 Freebsd 1 Freebsd 2026-04-16 5.5 Medium
FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.
CVE-2002-0830 1 Freebsd 1 Freebsd 2026-04-16 N/A
Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop.
CVE-1999-0078 10 Bsdi, Freebsd, Hp and 7 more 11 Bsd Os, Freebsd, Hp-ux and 8 more 2026-04-16 N/A
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.